GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,726
Maven: 5,000+
npm: 4,331
NuGet: 763
pip: 4,107
Pub: 12
RubyGems: 960
Rust: 1,068
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
15,739 advisories
SQL injection vulnerability in /php/api_patient_schedule.php in SourceCodester Patients Waiting...
Critical | Unreviewed | CVE-2025-64081 was published Dec 8, 2025
A SQL injection vulnerability has been reported to affect several QNAP operating system versions....
Critical | Unreviewed | CVE-2024-50387 was published Dec 6, 2024
Advantech iView versions prior to v5.7.04 build 6425 contain a vulnerability within the SNMP...
Critical | Unreviewed | CVE-2022-50593 was published Nov 6, 2025
Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands...
High | Unreviewed | CVE-2023-38890 was published Aug 18, 2023
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing...
High | Unreviewed | CVE-2025-14254 was published Dec 8, 2025
Vitals ESP developed by Galaxy Software Services has a SQL Injection vulnerability, allowing...
High | Unreviewed | CVE-2025-14255 was published Dec 8, 2025
A vulnerability was detected in code-projects COVID Tracking System 1.0. This issue affects some...
Moderate | Unreviewed | CVE-2025-13585 was published Nov 24, 2025
The Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI plugin for WordPress is...
Moderate | Unreviewed | CVE-2025-13922 was published Dec 6, 2025
Mattermost Server is vulnerable to SQL Injection when executing multiple POST requests
Critical | CVE-2017-18888 was published for github.com/mattermost/mattermost-server (Go) | May 24, 2022
Billing Software v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities....
Critical | Unreviewed | CVE-2023-49666 was published Jan 4, 2024
LibreNMS is vulnerable to SQL Injection (Boolean-Based Blind) in hostname parameter in ajax_output.php endpoint
Moderate | CVE-2025-65093 was published for librenms/librenms (Composer) | Nov 18, 2025
The My auctions allegro plugin for WordPress is vulnerable to SQL Injection via the ‘auction_id’...
High | Unreviewed | CVE-2025-12850 was published Dec 5, 2025
Advantech iView versions 5.7.05.7057 and prior do not properly sanitize SNMP v1 trap (Port 162)...
High | Unreviewed | CVE-2025-13373 was published Dec 5, 2025
dawa-pharma-1.0 allows unauthenticated attackers to execute SQL queries on the server, allowing...
High | Unreviewed | CVE-2023-53734 was published Dec 4, 2025
Obi08/Enrollment System 1.0 contains a SQL injection vulnerability in the keyword parameter of ...
High | Unreviewed | CVE-2024-58276 was published Dec 4, 2025
A vulnerability was determined in jsnjfz WebStack-Guns 1.0. This vulnerability affects unknown...
Moderate | Unreviewed | CVE-2025-13811 was published Dec 1, 2025
A vulnerability has been found in Chanjet CRM up to 20251106. The impacted element is an unknown...
Moderate | Unreviewed | CVE-2025-13788 was published Nov 30, 2025
A security vulnerability has been detected in ashraf-kabir travel-agency up to...
Moderate | Unreviewed | CVE-2025-13545 was published Nov 23, 2025
A vulnerability was detected in ashraf-kabir travel-agency up to...
Moderate | Unreviewed | CVE-2025-13546 was published Nov 23, 2025
A vulnerability has been found in Chanjet CRM 1.0 and classified as critical. Affected by this...
Moderate | Unreviewed | CVE-2025-6132 was published Jun 16, 2025
SQL injection vulnerability in TCMAN GIM v11 in version 20250304. This vulnerability allows an...
High | Unreviewed | CVE-2025-41013 was published Dec 2, 2025
asyncmy is vulnerable to SQL injection via crafted dict keys
Critical | CVE-2025-65896 was published for asyncmy (pip) | Dec 2, 2025
OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 was discovered to contain a SQL...
Critical | Unreviewed | CVE-2025-65235 was published Nov 26, 2025
PostgreSQL SQL Injection (status_sql.php) in DB Electronica Telecomunicazioni S.p.A. Mozart FM...
High | Unreviewed | CVE-2025-66260 was published Nov 26, 2025
A blind SQL Injection (SQLi) vulnerability in mJobtime v15.7.2 allows unauthenticated attackers...
Critical | Unreviewed | CVE-2025-51683 was published Dec 1, 2025
ProTip! Advisories are also available from the GraphQL API